Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
hexank
New Contributor

Created on ‎10-15-2024 09:27 PM

What happened to my packet capture in 7.2?

This afternoon I upgraded from 7.0.15 to 7.2.10 and to my surprise the packet capture GUI changed to complete garbage. Not only that, I have lost the ability to capture multiple interfaces like before.

Is there any way to get the ability to capture multiple interfaces into their own pcaps like before?

Maybe it is hidden in the cli somehow?

10.0.0.0.1 192.168.1.254
10.0.0.0.1 192.168.1.254
Labels:
2505
0 Kudos
4 REPLIES 4
rahul_p1
Staff
Staff

Created on ‎10-15-2024 10:59 PM

Hi,

Please refer to this article for packet capture using GUI:- https://docs.fortinet.com/index.php/document/fortigate/7.2.0/administration-guide/462154

you can also capture packets via CLI:- https://docs.fortinet.com/document/fortiweb/7.6.0/troubleshooting-guide/715676/packet-capture-via-c...

2478
sprashant
Staff
Staff

Created on ‎10-18-2024 02:03 PM

@hexank 

 

Yes there has been changes in the layout, but you can still run the parallel packet captures on the GUI.

 

You just will have to go to Diagnostics under Network, and start on new capture, close it, and then start it again on different interface.

 

packet Capture.PNG

 

Sprashant
2435
0 Kudos
Toshi_Esumi
SuperUser
SuperUser

Created on ‎10-18-2024 02:08 PM Edited on ‎10-18-2024 02:39 PM

This change was necessary/desirable to avoid lots of "duplicate message" (in red or black) in Wireshark view.

In other words, use "diag sniffer packet any ....  4 0 l" in CLI if you need to see how one packet comes in/through/out the chain of interfaces.

 

Toshi

2432
dwright6183
New Contributor

Created on ‎04-10-2025 02:59 PM Edited on ‎04-10-2025 09:49 PM By Community Manager

I'm just going to say I agree with complete garbage, even as explained this is one of the most ignorant PIA things that Fortinet has ever done, currently 7.2 packet captures are essentially worthless  IMO unless you have hours and hours to sift through convert CLI captures, etc... which is never the case.  It used to be simple clean and effective actually one of favorite features and it has been turned.  You would think they would be trying to make administration easier, big step backwards from previous releases.

1131
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.